On 11/19/10 4:30 PM, Lawrence @ Rogers wrote:
\
I'm not sure how SPF could pass on this one. The sending server
doesn't have the same domain name, nor is using an IP authorized in
Facebook's SPF records. SPF is supposed to confirm that the sending
server is authorized to do so for the domain, but that clearly fails
here.
SPF is on ENVELOPE address, not header address.
Microsoft's patented 'sender id' (which they don't use) can use either.
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
ISN: 1259*1300
>*| *SECNAP Network Security Corporation
* Certified SNORT Integrator
* 2008-9 Hot Company Award Winner, World Executive Alliance
* Five-Star Partner Program 2009, VARBusiness
* Best in Email Security,2010: Network Products Guide
* King of Spam Filters, SC Magazine 2008
______________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.secnap.com/products/spammertrap/
______________________________________________________________________
